2014/1/3 David Benfell <benfell at parts-unknown.org> > I was unable to find an associated vulnerability in Linux. I trust the > OpenSSL folks would be on top of this faster than you can blink an eye > if it were a current issue. They have not, from what I've seen, > reacted to the revelations. > Interesting read on the openssl-announce list: http://www.mail-archive.com/openssl-announce@openssl.org/msg00127.html Turns out the openssl implementation of Dual_EC_DRBG was broken anyway... - Jitse